Compositional CompCert

Gordon Stewart, Lennart Beringer, Santiago Cuellar, Andrew W. Appel

Research output: Contribution to journalArticle

4 Scopus citations

Abstract

This paper reports on the development of Compositional Comp-Cert, the first verified separate compiler for C. Specifying and proving separate compilation for C is made challenging by the coincidence of: compiler optimizations, such as register spilling, that introduce compiler-managed (private) memory regions into function stack frames, and C's stack-allocated addressable local variables, which may leak portions of stack frames to other modules when their addresses are passed as arguments to external function calls. The CompCert compiler, as built/proved by Leroy et al. 2006-2014, has proofs of correctness for whole programs, but its simulation relations are too weak to specify or prove separately compiled modules. Our technical contributions that make Compositional CompCert possible include: language-independent linking, a new operational model of multilanguage linking that supports strong semantic contextual equivalences; and structured simulations, a refinement of Beringer et al.'s logical simulation relations that enables expressive module-local invariants on the state communicated between compilation units at runtime. All the results in the paper have been formalized in Coq and are available for download together with the Compositional CompCert compiler.

Original languageEnglish (US)
Pages (from-to)275-287
Number of pages13
JournalACM SIGPLAN Notices
Volume50
Issue number1
DOIs
StatePublished - Jan 2015

All Science Journal Classification (ASJC) codes

  • Computer Science(all)

Keywords

  • CompCert
  • Compiler correctness

Fingerprint Dive into the research topics of 'Compositional CompCert'. Together they form a unique fingerprint.

  • Cite this

    Stewart, G., Beringer, L., Cuellar, S., & Appel, A. W. (2015). Compositional CompCert. ACM SIGPLAN Notices, 50(1), 275-287. https://doi.org/10.1145/2676726.2676985